| 摘要 |
PROBLEM TO BE SOLVED: To provide a cryptographic random number generation system and method using an elliptic curve.SOLUTION: An elliptic curve random number generator inputs two points P and Q being two points on an elliptic curve which satisfy P=eQ. A hash value of a bit stream including a value at the point P is calculated, the hash value is converted into an element of a field, the element of the field is regarded as x coordinates at the point Q on the elliptic curve, and the availability of the x coordinates on a desired elliptic curve is tested. The x coordinates when available are extended to the point Q, and the selection of the code of y coordinates is also derived from the hash value. In this case, e is called an escrow key, and only a manager of a security domain knows it. The point Q on the elliptic curve is verifiably selected at random so that the escrow key can be prevented from being known. A backup function is provided by the intentional use of the escrow key. The manager records the output of the generator, and restructures a random number with the escrow key. |
